[New-bugs-announce] [issue39953] Let's update ssl error codes
Dima Tisnek
report at bugs.python.org
Fri Mar 13 00:07:50 EDT 2020
New submission from Dima Tisnek <dimaqq at gmail.com>:
Let's consider ssl error `291` (https://bugs.python.org/issue39951):
It was introduced into openssl 2 years ago: https://github.com/openssl/openssl/commit/358ffa05cd3a088822c7d06256bc87516d918798
The documentation states:
SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY:291:\
application data after close notify
The `ssl.h` header file contains:
# define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY 291
The master branch of openssl contains this definition too:
https://github.com/openssl/openssl/blob/master/include/openssl/sslerr.h
# define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY 291
But what does Python say?
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2629)
What's KRB5? It supposedly stands for Kerberos5, and it too is seemingly present in openssl header file:
/usr/local/Cellar/openssl/1.0.2s/include/openssl/ssl.h
2951:# define SSL_R_KRB5_S_INIT 291
Moreover, cpython source code contains a fallback, should this value not be defined:
https://github.com/python/cpython/blob/master/Modules/_ssl_data.h
#ifdef SSL_R_KRB5_S_INIT
{"KRB5_S_INIT", ERR_LIB_SSL, SSL_R_KRB5_S_INIT},
#else
{"KRB5_S_INIT", ERR_LIB_SSL, 291},
#endif
Thus, today, Python reports an error with wrong *label* but correct *text*:
[SSL: KRB5_S_INIT] application data after close notify
The label and text don't match each other, because... well... I guess that's why we should fix it :)
----------
components: Extension Modules
messages: 364074
nosy: Dima.Tisnek
priority: normal
severity: normal
status: open
title: Let's update ssl error codes
versions: Python 3.8, Python 3.9
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue39953>
_______________________________________
More information about the New-bugs-announce
mailing list